System and method for selectively initiating biometric authentication for enhanced security of financial transactions

ABSTRACT

A method and system of selectively initiation biometric security based on thresholds is described. The method includes determining a transaction amount of a current transaction involving an electronic portable transaction device, retrieving a threshold amount from a data storage device, comparing the transaction amount and threshold amount, and, if the transaction amount matches or exceeds the threshold amount, initiating a biometric authentication process.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is related to co-pending U.S. patent applicationSer. No. 14/596,508, filed Jan. 14, 2015, entitled “System and Methodfor Requesting Reconciliation of Electronic Transaction Records forEnhanced Security”; U.S. patent application Ser. No. 14/596,472, filedJan. 14, 2015, entitled “System and Method for Comparing ElectronicTransaction Records for Enhanced Security”; U.S. patent application Ser.No. 14/596,420, filed Jan. 14, 2015, entitled “System and Method forReconciling Electronic Transaction Records for Enhanced Security”; U.S.patent application Ser. No. 14/596,572, filed Jan. 14, 2015, entitled“Smart Card Systems Comprising a Card and a Carrier”; U.S. patentapplication Ser. No. 14/603,703, filed Jan. 23, 2015, entitled“Biometric Device Utilizing Finger Sequence for Authentication”; U.S.patent application Ser. No. 14/616,069 filed Feb. 6, 2015, entitled“Smart Card Systems and Methods Utilizing Multiple ATR Messages”; andU.S. patent application Ser. No. ______, entitled “System and Method forSelectively Initiating Biometric Authentication for Enhanced Security ofAccess Control Transactions,” which are all incorporated herein byreference in their entirety.

FIELD OF THE INVENTION

The present invention relates to electronic transactions. Morespecifically, the present invention relates to system and method forselectively initiating biometric authentication for enhanced security ofelectronic transactions.

BACKGROUND

Electronic transactions—such as for payments or access to a facility orcomputer—can be conducted using electronic portable transaction devices,such as smart cards or mobile devices. A smart card is a device thatincludes an embedded integrated circuit chip that can be either a secureprocessing module (e.g., microprocessor, microcontroller or equivalentintelligence) operating with an internal or external memory or a memorychip alone. Smart cards can provide identification, authentication, datastorage, and application processing, Smart cards can serve as credit orATM debit cards, phone or fuel cards, and high-security access-controlcards for granting access to a computer or a physical facility. Smartcards can authenticate identity of the user by employing a token, suchas public key infrastructure (PKI) and one-time-password (OTP). Inaddition, smart cards can be configured for a biometric authenticationto provide an additional layer of security.

Similarly, mobile devices such as smartphones, PDAs, tablets, andlaptops can provide a platform for electronic transactions. For example,a user of a mobile device can conduct an electronic transaction forpurchase of a product or service using an application that communicateswith a mobile payment service. Mobile devices can be configured for atoken-based authentication and/or a biometric authentication.

Additional layers of security, however, may not always be necessary, ordesired. For example, biometric authentication may not need to occur forlow-value or routine transactions, such as purchases below a certainamount. What is needed is a method of enhanced security that may beselectively applied based on the nature of the transaction.

BRIEF SUMMARY OF THE INVENTION

Various embodiments of the present disclosure are directed toselectively enhancing security of electronic transactions through theuse of authentication thresholds.

In accordance with the technology described herein, a method ofselectively initiating biometric authentication for financialtransactions comprises identifying a transaction amount associated withan electronic transaction involving an electronic portable transactiondevice; retrieving a threshold amount from a data storage device;comparing the transaction amount from a data storage device; andinitiating a biometric authentication process if the transaction amountmatches or exceeds the threshold amount.

In accordance with the technology described herein, a device forselectively initiating biometric authentication for financialtransactions comprises a processing module configured to execute aprogram configured to: identify a transaction amount associated with anelectronic transaction involving an electronic portable transactiondevice; retrieve a threshold amount from a data storage device; comparethe transaction amount and the threshold amount; and initiate abiometric authentication process if the transaction amount exceeds thethreshold amount; and a memory configured to store the program.

Other features and aspects of the disclosed technology will becomeapparent from the following detailed description, taken in conjunctionwith the accompanying drawings, which illustrate, by way of example, thefeatures in accordance with embodiments of the disclosed technology. Thesummary is not intended to limit the scope of any inventions describedherein, which are defined solely by the claims attached hereto.

BRIEF DESCRIPTION OF SEVERAL VIEWS OF THE DRAWINGS

The technology disclosed herein, in accordance with one or more variousembodiments, is described in detail with reference to the followingfigures. The drawings are provided for purposes of illustration only andmerely depict typical or example embodiments of the disclosedtechnology. These drawings are provided to facilitate the reader'sunderstanding of the disclosed technology and shall not be consideredlimiting of the breadth, scope, or applicability thereof. It should benoted that for clarity and ease of illustration these drawings are notnecessarily made to scale.

FIG. 1 is a block diagram of an example electronic transaction systemwithin which various embodiments of the technology disclosed herein maybe implemented.

FIG. 2 is another block diagram of an example electronic transactionsystem within which various embodiments of the technology disclosedherein may be implemented.

FIG. 3 is a block diagram of an example electronic transaction systemimplementing biometric security utilizing thresholds according tocertain aspects of the present disclosure.

FIG. 4 is a block diagram of another example electronic transactionsystem implementing biometric security utilizing thresholds according tocertain aspects of the present disclosure.

FIG. 5 is a block diagram of another example electronic transactionsystem implementing biometric security utilizing thresholds according tocertain aspects of the present disclosure.

FIG. 6 is a block diagram of an example computer access control systemimplementing biometric security utilizing thresholds according tocertain aspects of the present disclosure.

FIG. 7 is a block diagram of an example facility within which a facilityaccess control system according to certain aspects of the presentdisclosure may be implemented.

FIG. 8 is a block diagram of an example facility access control systemimplementing biometric security utilizing thresholds according tocertain aspects of the present disclosure.

FIG. 9 is a flowchart illustrating an example biometric securityutilizing thresholds for financial transactions according to certainaspects of the present disclosure.

FIG. 10 is a flowchart illustrating an example biometric securityutilizing thresholds for access control transactions according tocertain aspects of the present disclosure.

FIG. 11 is a flowchart illustrating an example of biometric securityutilizing thresholds implemented in a portable access control deviceaccording to certain aspects of the present disclosure.

FIG. 12 is a flowchart illustrating an example of biometric securityutilizing threshold implemented in a portable access control deviceaccording to certain aspects of the present disclosure.

DETAILED DESCRIPTION

The present disclosure addresses this and other problems associated withenhanced layers of security for electronic transactions by providing aprocedure for selectively initiating biometric authentication of anelectronic portable transaction device. In certain aspects of thepresent disclosure, the selective initiation of biometric authenticationcan be based on thresholds associated with the need for biometricauthentication (hereinafter “threshold-based authentication procedure”).For financial transactions, biometric authentication can be initiatedbased on a comparison between a transaction amount of a transactioninvolving an electronic portable transaction device and a thresholdamount associated with the user's account. For access controltransactions, biometric authentication can be initiated based on acomparison between an access security level associated with an accessdomain and an access permission level associated with an electronicportable transaction device.

In the following detailed description, numerous specific details are setforth to provide a full understanding of various aspects of the subjectdisclosure. It will be apparent, however, to one ordinarily skilled inthe art that various aspects of the subject disclosure may be practicedwithout some of these specific details. In other instances, well-knownstructures and techniques have not been shown in detail to avoidunnecessarily obscuring the subject disclosure.

FIG. 1 is a block diagram of an example electronic transaction system100 that can implement a threshold-based authentication procedureaccording to certain aspects of the present disclosure. The system 100includes an electronic portable transaction device (PTD) 110, atransaction processing system (TPS) 130, and an interface device 120that facilitates communications between the PTD 110 and the TPS 130. ThePTD 110 can be, for example, a smart card, a smart key, a smart fob, ora mobile device. In some embodiments, the PTD 110 can include abiometric authentication module (not shown) for biometricauthentication.

The PTD 110 can conduct various types of electronic transactions withthe TPS 130 via the interface device 120. For financial transactionapplications, the PTD 110 can be a smart payment card such as a smartcredit, debit, and/or prepaid card, or a smartphone with a paymenttransaction application. The TPS 130 can be a payment processing systemof a merchant (e.g., Target®), a bank (e.g., Bank of America®), or acard issuer (e.g., Vise). The interface device 120 can be a point ofsale (POS) terminal that can communicate with the PTD 110 using acontact method (e.g., matching male and female contact pads) or acontactless method (e.g., RFID, Bluetooth, NFC, Wi-Fi, ZigBee).

For access control applications, the PTD 110 can be a smart access cardfor providing access to a facility or computer. The TPS 130 can be aserver in a central computer system, or a dedicated access controllerthat controls an access to a facility or computer. Interface device 120can be a card reader that can communicate with the PTD 110 using acontact method (e.g., contact pads) or a contactless method (e.g., RFID,Bluetooth, NFC, Wi-Fi, ZigBee).

In the illustrated example of FIG. 1, the PTD 110 includes a processingmodule 112 and a data storage device 114; the interface device 120includes a processing module 122 and a data storage device 124; and theTPS 130 includes a processing module 132 and a data storage device 134.In some embodiments, the PTD 110 can include a biometric authenticationmodule (not shown) that includes a biometric sensor and a controller.The processing modules 112, 122, and 132, depending on the application,may be a microprocessor, microcontroller, application-specificintegrated circuit (ASIC), field-programmable gate array (FPGA),computer, server, or any combination of components or devices configuredto perform and/or control the functions of the PTD 110, interface device120, and TPS 130, respectively. The data storage devices 114, 124, and134, depending on the application, may be a read-only memory (ROM), suchas EPROM or EEPROM, flash, a hard disk, a database, or any other storagecomponent capable of storing executory programs and information for useby the processing modules 112, 122, and 132, respectively.

FIG. 2 is a block diagram of an example electronic transaction system200 that implements a threshold-based authentication procedure accordingto certain aspects of the present disclosure As illustrated in FIG. 2,electronic transactions occur between a portable transaction device(PTD) 110A and a transaction processing system (TPS) 130A without aninterface device. By way of example, a shopper may use a smartphoneequipped with a camera to capture an image of a code (e.g., bar or QRcode) to make a payment for a product or service by transmitting paymentinformation to a card payment processing system via a cellular network.By way of another example, an access card reader at a facility may storeinformation (e.g., passwords and/or security tokens) associated withemployees authorized to enter the facility and, upon reading an accesscard, may compare security information received from the card with thestored information and grant or deny access depending on the outcome ofthe comparison.

FIG. 3 is a block diagram of an example electronic transaction system300 that can implement a threshold-based authentication procedureaccording to certain aspects of the present disclosure. In theillustrated example, the system 300 includes an electronic portabletransaction device (PTD) 310, an interface device 320, and a transactionprocessing system (TPS) 330. In some embodiments, the PTD 310 is a smartcard, in which case the interface device 320 can be a card reader. Insome embodiments, the PTD 310 is a mobile device such as a smart phone,PDA, or tablet, in which case the interface device 320 can be an opticalscanner or camera that can read a code presented on a display of themobile device, or a Bluetooth, Wi-Fi or a near field communication (NFC)device that can communicate authentication- and/or transaction-relateddata between the mobile device and the TPS 330. In some embodiments, thePTD 310 is a smart card and the interface device 320 is a mobile device,in which case the smart card can perform authentication-relatedfunctions and the mobile device can provide a communication link betweenthe smart card and the TPS 330.

In the illustrated embodiment of FIG. 3, the PTD 310 includes aprocessor 112, a memory 114, and an interface 116. In certainembodiments, the memory 114 can store a program that performs variouscommunication and transaction functions of the PTD 310. The memory 114can also store a password, token, and/or other identificationinformation unique to the PTD 310. In some embodiments, the memory 114can be part of the processor 112. In various embodiments, the PTD 310may include a second memory. In such embodiments, the second memory maystore one or more of the data items discussed above with regard tomemory 114. In other embodiments, the second memory can store a recordof previous transactions involving the PTD 310 and implement areconciliation-based authentication for extra security of the PTD 310,such as the process disclosed in U.S. patent application Ser. No.14/596,508, U.S. patent application Ser. No. 14/596,472, and U.S. patentapplication Ser. No. 14/596,420, the disclosures of which are hereinincorporated by reference in their entirety. In various embodiments, themore than one memory may be a single memory component. The interfacedevice 320 includes a processor 122, a memory 124, and an interface 126.The TPS 330 includes one or more processing modules including a server132, one or more data storage devices including a user database 134, andan interface 136 for communicating with the interface device 320 via acommunication network 302. In some embodiments, the user database 134can store various data items relating to the PTD 310, including apassword and data items relating to previously completed transactionsinvolving the PTD 310.

The interface 116 and the interface 126 provide a communication linkbetween the PTD 310 and the interface device 320. Using thiscommunication link, the PTD 110 can communicate authentication- and/ortransaction-related data with the interface device 120 and/or the TPS130. In some embodiments, the PTD 110 can also receive power in the formof a voltage and/or current from the interface device 120 via theinterfaces 116, 126. In certain embodiments, the interfaces 116, 126 caninclude a pair of male and female contact pads provided in the PTD(e.g., a smart card) and the interface device (e.g., a POS terminal). Insome embodiments, the interfaces 116, 126 can include a pair oftransceivers supporting wireless standards such as RFID, Bluetooth,Wi-Fi, NFT, and ZigBee. In some embodiments, the interface 116 can be adisplay of the mobile terminal that presents a code (e.g., a bar code orQR code) and the interface 126 can be an optical/infrared code scannercoupled to a POS terminal. In some embodiments, the interfaces 116,126are a pair of wireless transceivers in a mobile device (e.g., asmartphone) and a POS terminal, respectively. In some embodiments, wherethe PTD 110 is a contactless smart card and the interface device 120 isa mobile device (e.g., a smartphone), the interfaces 116, 126 caninclude a pair of wireless transceivers in the contactless smart cardand the mobile device, respectively.

In some embodiments, the PTD 110 is a mobile device that communicateswith the TPS 130 via a wide area wireless network, such as a 3G UMTS or4G LTE network, without the need for an interface device 120. In someembodiments, the PTD 110 is a smart card having a wireless capabilitythat allows the card to communicate with the TPS 130 via a cellularnetwork, such as a 3G UMTS or 4G LTE network, without the need for aninterface device 120.

In certain embodiments, the processor 112 is configured to perform anauthentication procedure using a security token stored in the memory114. Such a token-based authentication procedure is known in the art,and an exemplary procedure is described in “EMV® Payment TokenisationSpecification, Technical Framework” version 1.0, March 2014, which isincorporated herein by reference for all purposes.

In certain embodiments, the PTD 110 can include a biometricauthentication module 350 that includes a control 352 and a biometricsensor 355. In other embodiments, the biometric authentication module350 can be in the interface device (e.g., a POS terminal) instead of inthe PTD 110. Biometric authentication can begin with the collection of adigital biometric sample (e.g., bitmap image of user's fingerprint)using the biometric sensor 355. Useful features contained in thecollected sample are then extracted and formatted into a template recordthat can be matched against other template records. In variousembodiments, the template is stored at registration (and when combinedwith identity vetting, establishes an identity) in a memory (not shown)inside the biometric authentication module 350 or in one of the firstand second memories 113, 114. When a transaction takes place, thebiometric sensor 355 can measure the same biometric characteristic andthe control 352 can process the measured biometric characteristic into atemplate format, and compare the template to the previously registeredtemplate.

Biometric measurements may vary slightly from one measurement to thenext. This variation is not typically due to changes in the biometricfeature being measured but to the mechanism and environment in which thedata are captured. Therefore, a biometric sample measured atregistration may not precisely match the results of the live samplemeasurement. As a result of this variability, in various embodiments asimilarity score is generated and this score is compared against apre-determined threshold value to determine what constitutes anacceptable match.

Enhanced security may be applied to electronic transactions only whenthe nature of the electronic transaction breaches a certain thresholdassociated with electronic transactions, such as financial transactionsor access control transactions. With a reference to the embodiment ofFIG. 3, in a threshold-based authentication procedure for a financialtransaction, the threshold may be a threshold amount related to a PTD310 can be stored in memory 114 of the PTD 310, memory 124 of theinterface device 320, or the memory 134 of the TPS 330. When a userattempts a new financial transaction involving the PTD 310, atransaction amount associated with the transaction is determined. Thetransaction amount is the total value of all the goods and/or services auser is purchasing at a given time. In addition, the threshold amount isretrieved from the memory 114, 124, or 134, and compared with thedetermined transaction amount. In various embodiments, the comparison isperformed by the processing module 132 at the TPS 330. In otherembodiments, the comparison is performed by the processing module 122 atthe interface device 120. In some embodiments, the comparison isperformed by the processing module 112 at the PTD 310. In someembodiments, the comparison can be performed by more than one device.For example, in an embodiment where the PTD 310 is a smart card (e.g., asmart card payment), the TPS 330 is a payment processing system, and theinterface device is a mobile terminal (e.g., a smartphone) thatcommunicates with the smart card (using e.g., RFID, Bluetooth, NFC,Wi-Fi, or ZigBee) and the TPS 330 (using e.g., a cellular network), thesmart card can perform one comparison and the mobile terminal canperform another comparison as described further below with respect toFIG. 5.

For access transactions, the threshold may be an access security level.The access security level is a value indicative of a security levelassociated with an access control domain (e.g., a lab in a facility).When a user attempts new access transaction involving the PTD 310, theaccess security level associated with an access control domain iscompared with an access permission level associated with the PTD 310. Insome embodiments, the access permission level, access security level, orboth may be stored in one of the memory 114, 124, and 134. In variousembodiments, the comparison is performed by the processing module 132 atthe TPS 330. In other embodiments, the comparison is performed by theprocessing module 122 at the interface device 120. In some embodiments,the comparison is performed by the processing module 112 at the PTD 310.In some embodiments, the comparison can be performed by more than onedevice. For example, in an embodiment where the PTD 310 is a smart card(e.g., a smart card payment), the TPS 330 is a payment processingsystem, and the interface device is a mobile terminal (e.g., asmartphone) that communicates with the smart card (using e.g., RFID,Bluetooth, NFC, Wi-Fi, or ZigBee) and the TPS 330 (using e.g., acellular network), the smart card can perform one comparison and themobile terminal can perform another comparison as described furtherbelow with respect to FIG. 5.

In some embodiments, a threshold-based authentication procedure can berequested by a device that is different from a device that performs thethreshold-based authentication procedure (e.g., comparison of thethreshold amount and transaction amount). For example, the TPS 330 cansend a request for a threshold-based authentication procedure inconnection with a new financial transaction involving the PTD 310. Insome embodiments, the TPS 330 can also send the threshold amountassociated with PTD 310 stored in database 134. The processor 122 at theinterface device 320 can receive the request and the threshold amountfrom the TPS 330, determine a transaction amount for the currenttransaction involving the PTD 310, and compare the threshold amount andthe transaction amount for a match. In other embodiments, the interfacedevice 320 passes the request and the threshold amount received from theTPS 330 to the PTD 310, and the processor 112 at the PTD 310 receivesthe request and the threshold amount from the interface device 320,determine a transaction amount for the current transaction involving thePTD, and compare the threshold amount and the transaction amount for amatch. In some embodiments where the PTD 310 (e.g., a smartphone) hasthe capability to communicate with a cellular network, such as a 3G UMTSor 4G LTE network, the PTD 310 can receive the request and the thresholdamount from the TPS 330 via the cellular network without involving aninterface device such as a POS terminal.

In some embodiments, the PTD 310 can send a request for athreshold-based authentication procedure in connection with a newfinancial transaction involving the PTD 310. In some embodiments, thePTD 310 can also send a threshold amount involving the PTD 310 that arestored in the memory 114. The processor 122 at the interface device 320can receive the request and the threshold amount from the PTD 310,determine a transaction amount associated with the current transaction,and compare the threshold amount and transaction amount for a match. Inother embodiments, the interface device 320 passes the request and thethreshold amount received from the PTD 310 to the TPS 330, and theprocessor (e.g., server) 132 at the TPS 330 receives the request and thethreshold from the interface device 320, determines a transaction amountassociated with the current transaction involving the PTD 310, andcompares the threshold amount and the transaction amount for a match. Insome embodiments where the PTD 310 (e.g., a smartphone) has thecapability to communicate with a cellular network, such as a 3G UMTS or4G LTE network, the PTD 310 can send the request and the first record tothe TPS 330 via the cellular network without involving an interfacedevice such as a POS terminal.

In some embodiments, the interface device 320 can request athreshold-based authentication procedure related to a financialtransaction by sending a request to either the PTD 310 or the TPS 330.If the request is sent to the PTD 310, the processing module 122 at theinterface device 320 can retrieve a threshold amount for transactionsinvolving the PTD 310 from the user database 134 at the TPS 330 and sendthe threshold amount to the PTD 310. The processing module 112 at thePTD 310 can receive the request and the threshold amount from theinterface device 320, determine a transaction amount for the currenttransaction involving the PTD 310, and perform a comparison between thethreshold amount and the transaction amount for a match. In variousembodiments, if the request is sent to the TPS 330, the processingmodule 122 at the interface device 320 can retrieve a threshold amountinvolving the PTD 310 from the memory 114 at the PTD 310 and send thethreshold amount to the TPS 330. The server 132 at the TPS 330 canreceive the request and the threshold amount from the interface device320, determine a transaction amount for the current transactioninvolving the PTD 310, and perform a comparison between the thresholdamount and the transaction amount for a match. In other embodiments, theTPS 330 may already store the threshold amount in memory 134

Although the above threshold-based authentication procedure has beendescribed in regards to financial transactions, the same embodiments areapplicable to access transactions. Instead of determining a transactionamount associated with the current transaction, the PTD 310, TPS 330, orinterface device 320 may retrieve an access permission level associatedwith the PTD 310, described above. The same comparison process wouldoccur.

Various example arrangements of electronic transaction systemsimplementing a threshold-based authentication procedure are describedbelow with respect to FIGS. 4-7. FIG. 4 depicts an example electronicpayment transaction system 400 that implements a threshold-basedauthentication procedure according to certain aspects of the presentdisclosure. The system 400 includes a payment processing system 430 thatincludes one or more servers 432 and a user database 434 coupled to theservers 432. In some embodiments, the user database 434 can storevarious data items relating to card holders, including passwords,threshold amounts, and records of previously completed paymenttransactions. In various embodiments, the system 400 may include aninternal or proprietary payment transaction system 401 of a merchant(e.g., Target®). Payment transaction system 401 may include varioustypes of interface devices 420A-E that facilitate transaction-relatedcommunications between various types of portable payment transactiondevices 410A-E and the server(s) 432 at the payment processing system430. In the illustrated example, the portable payment transactiondevices 410A-E are smart payment cards that can communicate with theinterface devices 420A-E. Each of the portable payment transactiondevices 410A-E can include all or some of the components 112, 114, 116,350, 352, and 355 of the PTD 310 depicted in FIG. 3. Each of theinterface devices 420A-E can include all or some of the components 122,124, and 126 of the interface device 320 depicted in FIG. 3. In theillustrated embodiment, the merchant's internal payment transactionsystem 401 further includes a server 442 and a database 444 that canstore data items relating to the merchant's customers includingthreshold amounts, passwords, tokens, and transaction records.

To enable communication between the payment processing system 430 andthe merchant's internal payment transaction system 401, the interfacedevices 420A-E and the server 442 in the internal payment transactionsystem 401 have wired or wireless connections to an internalcommunication network 404 (e.g., Intranet), which is in turn connected awide area network 406 (e.g., Internet). In this manner, the POSterminals 420A-E, the smart payment cards 410A-E, and the server 442 canengage in data communication with the server(s) 432 at the paymentprocessing system 430.

In the illustrated example of FIG. 4, the interface device 420A is afixed point of sale (POS) terminal that is configured to operate with acontact smart payment card 410A and has a wired connection (e.g., wiredEthernet) to the internal communication network 404. During a paymenttransaction, the contact smart payment card 410A is inserted into thePOS terminal 420A for data communication. For this purpose, the contactsmart payment card 410A can be equipped with male contact pads and thePOS terminal 420A can be equipped with corresponding female contact padsor vice versa. Other methods of providing contact-based communicationcoupling between the contact smart payment card 410A and the POSterminal 420A, including micro connectors, can be utilized.

The interface device 420B is a fixed POS terminal that is configured tooperate with a contactless smart payment card 410B and has a wiredconnection (e.g., wired Ethernet) to the internal communication network404. During a payment transaction, the contactless smart payment card410B is placed adjacent to the POS terminal 420B for wireless datacommunication. For this purpose, the contactless smart payment card 410Band the POS terminal 420B can be equipped with transceivers based on awireless standard or technology, such as RFID, Bluetooth, NFC, Wi-Fi,and ZigBee.

The interface device 420C is a portable POS terminal that is configuredto operate with a contact smart payment card 410C, and the portable POSterminal 420C has a wireless connection (e.g., wireless Ethernet) to theinternal communication network 404. During a payment transaction, thecontact smart payment card 410C is inserted into the portable POSterminal 420C for data communication. In various embodiments, thecontact smart payment card 410C can be equipped with male contact padsand the POS terminal 420C can be equipped with corresponding femalecontact pads or vice versa. Other methods of providing contact-basedcommunication coupling between the contact smart payment card 410C andthe POS terminal 420C including, micro connectors, can be utilized.

The interface device 420D is a portable POS terminal that is configuredto operate with a contactless smart payment card 410D, and POS terminal420D has a wireless connection (e.g., wireless Ethernet) to the internalcommunication network 404. During a payment transaction, the contactlesssmart payment card 410D is placed adjacent to the portable POS terminal420D for wireless data communication. For this purpose, the contactlesssmart payment card 410D and the POS terminal 420D can be equipped withtransceivers based on a wireless standard or technology, such as RFID,Bluetooth, NFC, Wi-Fi, and ZigBee.

The interface device 420E is a fixed POS terminal that is configured tooperate with a mobile device (e.g., a smartphone, PDA, tablet), and haseither a wired connection (e.g., wired Ethernet) or a wirelessconnection (e.g., Wi-Fi) to the internal communication network 404.During a payment transaction, the mobile terminal 410E is placedadjacent to the POS terminal 420E for wireless data communication. Forthis purpose, the mobile terminal 410E and the POS terminal 420E can beequipped with transceivers based on a wireless standard or technologysuch as RFID, Bluetooth, NFC, Wi-Fi, and ZigBee. In certain alternativeembodiments, the POS terminal 420E can have a wireless connection (e.g.,wireless Ethernet) to the internal communication network 404. In someembodiments, the POS terminal 420E can be equipped with an opticalscanner or camera that can read a code (e.g., bar code or QR code)displayed on a display of the mobile terminal 410E.

For ease of illustration only, without any intent to limit the scope ofthe present disclosure in any way, various aspects of operation of theelectronic payment transaction system 400 will be described with respectto a financial transaction involving the contact smart payment card 410Aand the POS terminal 420A. It shall be appreciated by those skilled inthe art in view of the present disclosure that the described operationis applicable to other portable transaction devices (e.g., 410B-E) andinterface devices (e.g., 420B-E), and for different types oftransactions, such as access transactions (e.g., access to a facility orcomputer).

In operation, a new transaction is initiated when a user presents thesmart payment card 410A at the POS terminal 420A to pay for productsand/or services by, for example, inserting the card 410A into the POSterminal 421 as shown in FIG. 4. Before authorizing the new transaction,a threshold-based authentication procedure may be performed to determinewhether the transaction is of sufficient worth and importance to requireadditional authentication of the user. For example, card 410A incoordination with the POS terminal 420A and/or the payment processingsystem 432 can determine whether the nature of the transaction requiredadditional security and, if so, initiate a token-based authenticationprocedure. Optionally, the card 410A, a biometric authenticationprocedure may be initiated. To further enhance security of thetransaction, a reconciliation-based authentication procedure may beperformed before, during, or after a token-based authentication and/or abiometric based-authentication.

In certain embodiments, such additional authentication procedures maynot be needed or desired. In various embodiments, a threshold-basedauthentication procedure is performed at the payment processing system430. By way of example, after making a data connection with the card410A, the POS terminal 420A can retrieve (e.g., request and receive) athreshold amount from the card 410A. The POS terminal 420A can alsodetermine a transaction amount for the current transaction involving thecard 410A. The POS terminal 420A can send a request for approval of thenew transaction to the payment processing system 430 along with thethreshold amount retrieved from the card 410A and the determinedtransaction amount. The server(s) 432 at the payment processing system420 receives the request, the threshold amount, and the transactionamount, and performs a comparison of the threshold amount and thetransaction amount.

In certain embodiments, the threshold-based authentication procedure isperformed at the POS terminal 420A. By way of example, after making adata connection with the card 410A, the POS terminal 420A can retrieve athreshold amount and a transaction amount from the card 410A. Theprocessor 122 at the POS terminal 420A performs a threshold-basedauthentication by determining whether the transaction amount receivedfrom the card 410A matches or exceeds the threshold amount. In someembodiments, the POS terminal 420A can determine the transaction amountinstead of receiving the transaction amount from card 410A.

In certain embodiments, the threshold-based authentication is performedat the smart payment card 410A. By way of example, after making a dataconnection with the card 410A, the POS terminal 420A can retrieve athreshold amount from server(s) 432 at the payment processing system420. The POS terminal 420A, upon receiving the threshold amount from thepayment processing system, sends the threshold amount to the card 410A.The processor 112 at the card 410A performs a threshold-basedauthentication by comparing a transaction amount associated with thecurrent transaction determined by the card 410A with the thresholdamount received from the payment processing system 430 via the POSterminal 420A.

FIG. 5 depicts another example electronic payment transaction system 500that implements a threshold-based authentication procedure according tocertain aspects of the present disclosure. The system 500 includes apayment processing system 530 that includes one or more servers 532 anda user database 534 coupled to the server(s) 532. The sever(s) 532conduct different types of electronic payment transactions 501, 502, 503with mobile terminals 520A-C via a cellular network 506.

The first electronic payment transaction 501 involves a contact smartpayment card 510A coupled to the mobile terminal 520A via a smart cardreader 525 and conducting a payment transaction with the paymentprocessing system 530 via the cellular network 506. The secondelectronic payment transaction 502 involves a contactless smart paymentcard 510B wirelessly coupled to the mobile terminal 520B and conductinga payment transaction with the payment processing system 530 via thecellular network 506. The third electronic payment transaction 503involves the mobile terminal 510C as a portable transaction device andan interface device. In some embodiments, mobile terminal 510 cancapture an image of a code (e.g., a bar or QR code) associated with aproduct printed on a package of the product, in a catalog, oradvertisement using an image capture device (e.g., a camera) andconducting a payment transaction for the product with the paymentprocessing system 530 via the cellular network 506.

In each of these payment transactions 501, 502, 503, a threshold-basedauthentication procedure similar to the threshold-based authenticationprocedures described above with respect to FIGS. 1-4 can be performedprior to initiating token-based or biometric-based authenticationprocedures. In the first payment transaction 501, a comparison of athreshold amount and a transaction amount involving the smart paymentcard 510A can be performed by the server(s) 532 at the paymentprocessing system 530, a processor in the mobile terminal 520A, or aprocessor in the smart payment card 510A. The threshold amount can bestored in a memory in the smart payment card 510A, in the database 534at the payment processing system 530, or in a memory in the mobileterminal 520A.

For the second payment transaction 502 a comparison of a thresholdamount and a transaction amount involving the smart payment card 5108can be performed by server(s) 532 at the payment processing system 530,a processor in the mobile terminal 520B, or a processor in the smartpayment card 5108. The first record can be stored in a memory in thesmart payment card 510B, the database 534 at the payment processingsystem 530, or in a memory in the mobile terminal 520B.

For the third payment transaction 503, a comparison of a thresholdamount and a transaction amount involving the mobile terminal 510C canbe performed by server(s) 532 at the payment processing system 530 or aprocessor in the mobile terminal 510C. The first record can be stored ina memory in the mobile terminal 510C, and the second record can bestored in the database 534.

The threshold-based authentication procedure may be implemented in anaccess control system. The access control system may be implemented foraccess to a facility, one or more rooms within the facility, a computingdevice, a computer network, or a combination thereof. FIG. 6 illustratesan example facility implementing a threshold-based authenticationprocedure in accordance with the present disclosure. As illustrated inFIG. 6, each access domain within the facility is assigned an accesssecurity level. In various embodiments, the access domain may be anentry way to a lab or office within a facility and/or the exterior doorsof the facility. For example, a facility that includes work undergovernment contracts with varying levels of security may designate labsfor each level of security applicable (e.g., confidential, secret, topsecret). In the illustrated embodiment, each security level is given anumerical value to indicate the level of security required. In otherembodiments, the access security level may be text-based.

In other embodiments, the access domain may include one or morecomputing device, such as a desktop, laptop, or other computingequipment implemented in a facility. In other embodiments, the accessdomain may be one or more computing networks implemented within anaccess control system. For example, a facility operator may employmultiple computer networks, one for each of various security levels.

FIG. 7 depicts an exemplary facility access control system 700 thatimplements a threshold-based authentication procedure according tocertain aspects of the present disclosure. FIG. 7 illustrates a firstfacility access transaction 710 involving a smart access card 710A and acard reader 720A, and a second facility access transaction 720 involvinga smart access fob 710B and a fob reader 720B. In the illustratedexample, the system 700 further includes a central facility accesscontroller 730 that includes a processing module 732 and a data storage734 coupled to the processing module 732. The processing module 732 iscommunicatively connected to the card reader 720A and the fob reader620B via a communication network 708, which can be a local area network(LAN) or a wide area network (WAN).

In the first facility access transaction 701, a user presents the smartaccess card 710A to the card reader 720B to gain access to a facility.The card reader 720B can communicate with the card 710A using one ofvarious contact or contactless methods, including non-limiting examplesdescribed above. In the second facility access transaction 702, a userpresents the smart access fob 710A to the fob reader 720B to gain accessto the facility.

In each of these facility access transactions 701, 702, athreshold-based authentication procedure similar to the threshold-basedauthentication procedures described above with respect to FIGS. 1-4 canbe performed to determine if a token-based authentication and/or abiometric-based authentication is required. For the first facilityaccess transaction 701, a comparison of an access security levelassociated with an access domain and an access permission levelassociated with the smart access card 710A can be performed by theprocessing module 732 at the central facility access controller 730, aprocessor in the card reader 720A, or a processor in the smart accesscard 710A. The access security level and the access permission level canbe stored in a memory in the smart access card 710A, the databased 734,in a memory in the card reader 730A, or a combination thereof. For thesecond facility access transaction 702, a comparison of an accesssecurity level associated with an access domain and an access permissionlevel associated with the smart access fob 710B can be performed by theprocessing module 732 at the central facility access controller 730, aprocessor in the fob reader 720B, or a processor in the smart access fob710B. The access security level and the access permission level can bestored in a memory in the smart access fob 710B, the database 734, in amemory in the fob reader 720B, or a combination thereof.

FIG. 8 depicts an exemplary computer access control system 800 thatimplements a threshold-based authentication procedure according tocertain aspects of the present disclosure. FIG. 8 illustrates a firstcomputer access transaction 801 involving a contact smart access card810A and a card reader 820A, and a second computer access transaction802 involving a contactless smart access card 810B and a card reader820B. In the illustrated example, the system 800 further includes acentral computer system 830 that includes one or more servers 832 and adatabase 834 coupled to the server(s) 832. The sever(s) 832 is connectedto the computers 850A, 820B via a network 808, which can be a local areanetwork (LAN) or a wide area network (WAN). In certain embodiments, thesystem 800 can allow a first group of users to access files andapplications stored in and running on the computers 850A, 850B and allowa second group of users to access files and applications stored in andrunning on the computers 850A, 850B and the server(s) 832 and thedatabase 834 in the central computer system 830.

In the first computer access transaction 801, a user can insert acontact smart access card 810A into a card reader 820A coupled to thedesktop computer 850A for access to the desktop computer 850A and/or thecentral computer system 832. In the illustrated example, the desktopcomputer 850A is coupled to the network 808 via a wired connection. Inthe second computer access transaction 802, a user can place acontactless smart access card 810B adjacent to a card reader 820Bcoupled to a laptop computer 850B for access to the laptop computer 850Band/or the server(s) 832 and the database 834 in the central computersystem 830. The laptop computer 850B is coupled to the network 808 via awireless connection.

In each of these computer access transactions 801, 802, athreshold-based authentication procedure similar to the threshold-basedauthentication procedures described above with respect to FIGS. 1-4 canbe performed to determine whether a token-based authentication and/or abiometric-based authentication is required. For the first computeraccess transaction 801, a comparison of an access security levelassociated with an access domain and an access permission levelassociated with the smart access card 810A can be performed by server(s)832 at the central computer system 830, a processor in the card reader820A, a processor in the smart access card 810A, or a processor in thedesktop computer 850A. The access security level and the accesspermission level can be stored in a memory in the smart access card810A, the database 834, in a memory in a desktop computer 850A, or acombination thereof. For the second computer access transaction 802, acomparison of an access security level associated and access domain andan access permission level associated with the smart access card 810Bcan be performed by server(s) 832 at the central computer system 830, aprocessor in the card reader 820B, a processor in the smart access card810B, or a processor in the laptop computer 850B. The access securitylevel and the access permission level can be stored in a memory in thesmart access card 610B, the database 834, in a memory in the laptopcomputer 850B, or a combination thereof. In certain embodiments, adedicated computer access controller (not shown) can be employed tocontrol access to the computers 850A, 850B and/or the central computersystem 830, a processing module (e.g., a processor) in the controllercan perform one or more of a token-based authentication, abiometric-based authentication, and a reconciliation-basedauthentication, and a data storage device (e.g., a memory) in thecontroller can store records of computer access transactions fordifferent users.

Although financial transactions and access control transactions havebeen described separately, the same basic threshold-based authenticationprocess applies. A parameter associated with the electronic transactioninvolving an electronic portable transaction device (transactionamount/access security level) is compared with a threshold (thresholdamount/access permission level). If the parameter exceeds the threshold,additional authentication procedures may be initiated. If the parameterdoes not exceed the threshold, the transaction may be completed withoutfurther authentication of the user.

FIG. 9 is a flowchart illustrating an example process 900 for athreshold-based authentication procedure for financial transactionsaccording to certain aspects of the present disclosure.

The process 900 starts at state 901 and proceeds to operation 910, inwhich a processing module in a device identifies a transaction amountassociated with an electronic transaction involving an electronicportable transaction device. The transaction amount is a total of allthe goods and/or services a user is requesting to purchase during thetransaction. The identification may be performed by an electronicportable transaction device, a transaction processing system configuredto process financial transactions involving the electronic portabletransaction device, or an interface device configured to facilitatecommunications between the electronic portable transaction device andthe transaction processing system. Non-limiting examples of theelectronic portable transaction device a smart payment card or a mobileterminal configured for payment transactions. Non-limiting examples ofthe interface device include a fixed or portable POS terminal, a mobileterminal, and a contract or contactless smart card or smart fob readers.

The process 900 proceeds to operation 920, in which a processing modulein the authentication device retrieves a threshold amount from a datastorage device. The data storage device can be a memory (e.g., database)at the transaction processing system, a memory in the electronicportable transaction device, or a memory in the interface device. Thedata storage device may be in the authentication device or in anotherdevice in the electronic transaction system. The threshold amount may bea predetermined amount above which biometric authentication is requiredbefore the transaction is allowed to be completed.

The process 900 proceeds to operation 930, in which a processing modulein the authentication device compares the identified transaction amountand the threshold amount.

The process 900 proceeds to query state 940, in which a processingmodule in the authentication device determines if the transaction amountmatches or exceeds the threshold amount. If the answer to the query is“yes” (i.e., the transaction amount exceeds the threshold), the process900 proceeds to operation 850, in which the processing module initiatesbiometric authentication. In various embodiments, the authenticationdevice may include a biometric authentication module, such as the modulediscussed above with regards to FIG. 3, and initiating biometricauthentication includes requesting the user to enter biometric datathrough the biometric sensor. In other embodiments, the biometricauthentication module may be included in a device other than theauthentication device, and initiating biometric authentication includessending a request to another device to obtain biometric data through thebiometric sensor.

On the other hand, if the answer to the query at the state 940 is “no”(i.e., the transaction amount is less than the threshold amount), theprocess 900 proceeds to operation 960, in which a processing module inthe authentication device allows the transaction to continue withoutrequiring additional biometric authentication. The process 900 ends astate 970.

FIG. 10 is a flowchart illustrating an example process 1000 for athreshold-based authentication procedure for access control transactionsaccording to certain aspects of the present disclosure. The process 1000starts at state 1001 and proceeds to operation 101, in which aprocessing module in a device compares an access permission associatedwith an electronic portable transaction device and an access securitylevel associated with an access domain. The process 1000 proceeds toquery state 1020, in which the device determined if the access securitylevel associated with the access domain is higher than the accesspermission level associated with the electronic portable transactiondevice. If the answer to the query is “yes” (i.e., the access securitylevel exceeds the access permission level), the process 1000 proceeds tooperation 1030, in which the processing module initiates biometricauthentication. In various embodiments, the device may include abiometric authentication module, such as the module discussed above withregards to FIG. 3, and initiating biometric authentication includesrequesting the user to enter biometric data through the biometricsensor. In other embodiments, the biometric authentication module may beincluded in a device other than the device performing thethreshold-based authentication procedure, and initiating biometricauthentication includes sending a request to the other device to obtainbiometric data through the biometric sensor.

On the other hand, if the answer to the query at the state 1020 is “no”(i.e., access security level is less than the access permission level),the process 1000 proceeds to operation 1040, in which a processingmodule in the device permits access to the access domain withoutrequiring additional biometric authentication. The process 1000 ends astate 1050.

It shall be appreciated by those skilled in the art in view of thepresent disclosure that there are numerous possible pairs of arequesting device and an authentication device. In the electronicpayment system 400 of FIG. 4, for example, the requesting device can beone of the interface devices 420A-E and the authentication device can bethe corresponding one of the portable transaction devices 410A-E, orvice versa. Alternatively, the requesting device can be one of theportable transaction devices 410A-E and the authentication device can beserver(s) 432 at the payment processing system 430, or vice versa.Alternatively, the requesting device can be the server(s) 432 at thepayment processing system 430 and the authentication device can be oneof the interface devices 420A-E, or vice versa. In the electronicpayment system 500 of FIG. 5, the requesting device can be one of themobile terminals 520A-B and the authentication device can be one of thesmart payment cards 510A-B, or vice versa. Alternatively, the requestingdevice can be one of the mobile terminals 520A-C and the authenticationdevice can be the server(s) 532 at the payment processing system 530, orvice versa. Alternatively, the requesting device can be the server(s)532 at the payment processing system 530 and the authentication devicecan be one of the smart payment cards 510A-B, or vice versa.

FIG. 11 is an example embodiment the access transaction threshold-basedauthentication procedure of FIG. 10 where the authentication device isan electronic portable transaction device. The process 1100 begins at1101 and proceeds to 1110, where the electronic portable transactiondevice receives an indication of the access security level from a fixedaccess control device associated with the access domain. In variousembodiments, the fixed access control device may be a smart access cardor smart fob reader connected to the locking mechanism of an entry wayto a facility or area of a facility, or connected to a computer orcomputing system. In various embodiments, the fixed access controldevice may be connected with an access control system and have access toa database of the access control system. The process 1100 proceeds tooperation 1120, where the access security level and the accesspermission level are compared to determine if biometric authenticationis required. Operations 1120, 1130, 1140, and 1150 operate in a similarfashion as operations 1010, 120, 1030, and 1040 of FIG. 10.

FIG. 12 is an example embodiment the access transaction threshold-basedauthentication procedure of FIG. 10 where the authentication device is afixed access control device. The process 1200 begins at 1201 andproceeds to 1210, where the fixed access control device receives arequest to access an access domain from a portable access controldevice. In various embodiments, the fixed access control device may be asmart access card or smart fob reader connected to the locking mechanismof an entry way to a facility or area of a facility, or connected to acomputer or computing system. In various embodiments, the fixed accesscontrol device may be connected with an access control system and haveaccess to a database of the access control system.

The process 1200 proceeds to operation 1220, where the fixed accesscontrol device receives an indication of an access permission levelassociated with the electronic portable transaction device from theelectronic portable transaction device. The access permission level maybe stored in a memory within the electronic portable transaction device.The process 1200 proceeds to operations 1230, 1240, 1250, and 1260,which operate in a similar way to operations 1010, 1020, 1030, and 1040of FIG. 10.

It shall be appreciated by those skilled in the art in view of thepresent disclosure that various described operations of the exemplaryprocesses 900, 1000, 1100, and 1200 may be performed in differentorders, optionally skipped, and/or removed.

The description of the technology is provided to enable any personskilled in the art to practice the various embodiments described herein.While the technology has been particularly described with reference tothe various figures and embodiments, it should be understood that theseare for illustration purposes only and should not be taken as limitingthe scope of the various embodiments.

There may be many other ways to implement the various embodiments.Various functions and elements described herein may be partitioneddifferently from those shown without departing from the spirit and scopeof the technology disclosed. Various modifications to these embodimentswill be readily apparent to those skilled in the art, and genericprinciples defined herein may be applied to other embodiments. Thus,many changes and modifications may be made to the various embodiments,by one having ordinary skill in the art, without departing from thespirit and scope of the various embodiments.

A reference to an element in the singular is not intended to mean “oneand only one” unless specifically stated, but rather “one or more.” Theterm “some” refers to one or more. Underlined and/or italicized headingsand subheadings are used for convenience only, do not limit the scope ofthe various embodiments, and are not referred to in connection with theinterpretation of the description of the embodiment. All structural andfunctional equivalents to the elements of the various embodiments of thetechnology described throughout this disclosure that are known or latercome to be known to those of ordinary skill in the art are expresslyincorporated herein by reference and intended to be encompassed by thetechnology disclosed. Moreover, nothing disclosed herein is intended tobe dedicated to the public regardless of whether such disclosure isexplicitly recited in the above description.

We claim:
 1. A method of selectively initiating biometric authenticationfor financial transactions, comprising: (a) identifying a transactionamount associated with an electronic transaction involving an electronicportable transaction device; (b) comparing the transaction amount and athreshold amount; and (c) initiating a biometric authentication processif the transaction amount exceeds the threshold amount.
 2. The method ofclaim 1, wherein the electronic portable transaction device is a smartcard or a mobile terminal.
 3. The method of claim 1, wherein the steps(a)-(c) are performed at the electronic portable transaction device. 4.The method of claim 3, wherein initiating a biometric authenticationcomprises requesting a user to enter biometric data via a biometricscanner of the electronic portable transaction device.
 5. The method ofclaim 3, wherein initiating a biometric authentication comprisesrequesting biometric data associated with a user from an interfacedevice for facilitating communication between the electronic portabletransaction device and a payment processing system, wherein theinterface device comprises a biometric scanner.
 6. The method of claim1, wherein the steps (a)-(c) are performed at a payment processingsystem.
 7. The method of claim 6, further comprising receiving a requestto conduct an electronic financial transaction.
 8. The method of claim1, wherein the steps (a)-(c) are performed at an interface device forfacilitating communication between the electronic portable transactiondevice and a payment processing system.
 9. The method of claim 8,wherein the electronic portable transaction device comprises a biometricscanner, and initiating a biometric authentication comprises requestingbiometric data associated with a user from the electronic portabletransaction device.
 10. The method of claim 8, wherein the interfacedevice comprises a biometric scanner and initiating a biometricauthentication comprises requesting a user to input biometric data viathe biometric scanner.
 11. The method of claim 1, wherein a data storagedevice is located at the electronic portable transaction device, at apayment processing system, or at an interface device for facilitatingcommunication between the electronic portable transaction device and apayment processing system.
 12. A device for selectively initiatingbiometric authentication for financial transactions, comprising: aprocessing module, configured to execute a program configured to: (a)identify a transaction amount associated with an electronic transactioninvolving an electronic portable transaction device, (b) compare thetransaction amount and a threshold amount, and (c) initiate a biometricauthentication process if the transaction amount exceeds the thresholdamount; and a memory configured to store the program.
 13. The device ofclaim 12, wherein the electronic portable transaction device is a smartcard comprising the processing module and the memory.
 14. The device ofclaim 12, wherein a data storage device is part of the smart card, andthe data storage device is configured to store the threshold amount. 15.The device of claim 14, wherein the data storage device and the memorycomprise the same component.
 16. The device of claim 12, wherein thesmart card further comprises a set of contact pads configured to engagewith a set of contact pads at an interface device for facilitatingcommunication between the electronic portable transaction device and apayment processing system.
 17. The device of claim 12, wherein the smartcard further comprises a biometric authentication module.
 18. The deviceof claim 11, wherein the electronic portable transaction devicecomprises a transceiver configured to engage in wireless datacommunication with an interface device for facilitating communicationbetween the electronic portable transaction device and a paymentprocessing system.
 19. The device of claim 18, wherein the electronicportable transaction device further comprises the processing module andthe memory.
 20. The device of claim 18, wherein the electronic portabletransaction device further comprises a biometric authentication module.21. The device of claim 11, wherein the threshold amount is stored in adata storage device located at the interface device, and the processingmodule is further configured to retrieve the threshold amount from thedata storage device.
 22. The device of claim 11, wherein the thresholdamount is stored in a data storage device located at the paymentprocessing system, and the processing module is further configured toretrieve the threshold amount from the data storage device.